我刚刚安装了 ubuntu 服务器 16.04 lts,这是一个带有 ssh 的基本服务器安装。
我安装了监听端口 { 443, 9900, 9901, 9997 } 的服务,它们似乎监听得很好:
$ netstat -plan --protocol=inet
(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:9900 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:9997 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:9901 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN -
tcp 0 0 (serveraddress):53430 (serveraddress):9900 ESTABLISHED -
tcp 0 388 (serveraddress):22 (myaddress):53994 ESTABLISHED -
tcp 0 0 (serveraddress):9900 (serveraddress):53430 ESTABLISHED -
当我尝试从我的盒子外面连接它们时,连接被拒绝。
$ nmap -p22,443,9900,9901,9997 (serveraddress)
Starting Nmap 7.01 ( https://nmap.org ) at 2017-02-01 19:12 EST
Nmap scan report for IP-(serveraddress).static.fibrenoire.ca (serveraddress)
Host is up (0.014s latency).
PORT STATE SERVICE
22/tcp open ssh
443/tcp open https
9900/tcp filtered iua
9901/tcp filtered unknown
9997/tcp filtered unknown
Nmap done: 1 IP address (1 host up) scanned in 1.26 seconds
我没有激活防火墙
$ sudo ufw status
Status: inactive
出了什么问题?我需要做什么特殊的事情才能打开端口号 >= 1024?
答案1
原来我的服务器位于服务提供商控制的防火墙后面。我请他解除我需要的端口封锁。
这是正常现象吗?